CBA's $A700 million fine will end up punishing its customers

Sandeep Gopalan

The Commonwealth Bank of Australia, parent of ASB, this week agreed to pay a record penalty to settle its violations of anti-money laundering and counter-terrorism financing laws. The $A700 million fine plus legal costs will become final upon the approval of the Federal Court.

The deal was met with market approval, and has allowed regulators to claim victory. Given the public’s current hostility to banks in the wake of revelations from the Banking Royal Commission, politicians also joined the bandwagon and applauded CBA’s loss.

What if the penalty is a sign of mob justice, rather than just deserts? And given the scale of the payout, will the fine also end up further punishing customers and shareholders?

Answering these questions requires a close look at the case. CBA was alleged to have violated the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, in several specific ways.

First, it introduced Intelligent Deposit Machines (IDMs) without conducting an independent risk assessment and/or instituting mitigation procedures to tackle money-laundering. Unlike older ATMs, IDMs process cash deposits and make the funds available for transfer immediately. Clearly, criminals could use these features to launder cash gained through crime. CBA wrongly believed that its existing ATM monitoring processes covered these risks.

Second, it was warned about these risks and could have minimised money laundering by imposing daily limits on accounts. CBA refused.

Third, CBA failed to provide transaction reports within 10 business days for cash deposits greater than $A10,000. This violation referred to 53,506 transactions totalling about $A625 million. The failure was due to a coding error – the software was not updated to pick up a new code created for IDM deposits.

Fourth, CBA failed to report transactions with a pattern of money-laundering – apparently misunderstanding its legal obligations.

Fifth, CBA failed to report suspicions about identity fraud – for example, in relation to eight money-laundering syndicates. Therefore, AUSTRAC and law enforcement were unaware of “several million dollars of proceeds of crime mostly connected with drug importation and distribution” that passed into accounts held by CBA.

Sixth, CBA was deficient in monitoring accounts despite warnings from law enforcement – 778,370 accounts were not monitored. CBA was slow to act even after suspicious accounts were terminated, facilitating money-laundering.

Clearly these are significant violations. However, the statement of facts agreed by AUSTRAC and CBA state that the bank did not deliberately or intentionally violate its legal obligations under the relevant laws.

Considering that CBA’s violations were inadvertent, due to technical glitches, and attributable to a mistaken belief about existing systems satisfying legal obligations, the A$700 million fine might be excessive.

International comparisons
By international standards, the fine seems to be very high. This week the UK Financial Conduct Authority fined the British division of India’s Canara Bank £896,100 (A$1.58 million) for “consistent failure” in its money-laundering controls, and for failings “affecting almost all aspects of its business”.

The FCA said the bank’s failings “potentially undermine the integrity of the UK financial system by significantly increasing the risk that Canara could be used for the purposes of domestic and international money laundering, terrorist financing and those seeking to evade taxation or the implementation of sanction requirements”.

In the United States, the Justice Department fined US Bancorp US$528 million (A$694 million) for criminal violations of money-laundering laws and for concealing its behaviour from regulators.

CBA’s fine is far higher than Canara’s punishment for similar violations, and roughly on a par with the sanction meted out to US Bancorp - albeit the latter was for more serious criminal wrongdoing. It is also comparable to the $US665 million (A$874 million) penalty imposed on HSBC (plus $US1.26 billion in sacrificed profits). Unlike CBA, HSBC was punished for “willfully failing” to maintain proper money-laundering controls.

Yet the proceeds from HSBC’s violations stretching back to the 1990s were staggering: at least US$881 million in laundered drug money; a failure to monitor more than $US670 billion in wire transfers and over US$9.4 billion in purchases of physical US dollars from HSBC Mexico; some $US660 million in sanctions-prohibited transactions; and evidence of deliberate sanctions violations by processing transactions to parties in Iran, Cuba, Burma, Sudan, and Libya.

A fair punishment?
The size of CBA’s penalty seems to be more in line with banks that have deliberately flouted money-laundering laws, rather than the smaller punishments handed to banks that did so unintentionally. It is tempting to conclude that this is influenced by the current prevailing mood to “send a message” to financial institutions.

What’s more, we cannot necessarily assume that the fine will act as a deterrent. The penalty is not paid by the CBA staff who acted wrongly; it is paid by the bank, ultimately by the shareholders.

Similarly, the cost of managing enhanced scrutiny and investing in additional compliance machinery will be passed on to customers in the form of higher charges and fees. Likewise, if banks become excessively cautious because of apprehensions about overenforcement, that will impact services and reduce profitability – again harming innocent people.

The punishment must always fit the crime. Excessive punishment is counterproductive and creates additional victims.

If the purpose was really to tackle wrongdoing, the CBA staff who were responsible for the violations should have been identified and penalised.

The ConversationThe A$700 million fine is good for political posturing but will hurt customers and shareholders the most. Bank-bashing has a cost, and it is paid by ordinary people, not politicians.

Sandeep Gopalan is Pro Vice-Chancellor (Academic Innovation) & Professor of Law at Deakin University

This article was originally published on The Conversation. It was not commissioned or paid for by NBR.


8 · Got a question about this story? Leave it in Comments & Questions below.

This article is tagged with the following keywords. Find out more about MyNBR Tags

Post Comment

8 Comments & Questions

Commenter icon key: Subscriber Verified

I have to agree with a lot of what he says, especially "the CBA staff who were responsible should have been identified and punished." He also states "Bank bashing has a cost, and it is paid by ordinary people, not politicians." True, but "bank bailouts/bailins" have an even HIGHER cost which is paid by ordinary people not politicians." The 2008 bailout is a case in point but will probably pale into total insignificance when the next crash happens, an it certinly seems to be gtting very close, very quickly. The view seems to be that Deutsche Bank will be the first domino followed by the Italian and French Banks. The A$700 Million fine WILL hurt customers and shareholders, but the next crash will hurt them even more. Being a shareholder and/or customer of a bank is a choice and, as a customer/depositor, you are merely an unsecured creditor. A Lord Goddard said," The only person with money in the bnk is the banker." Someone in a comment recently said "I use the Bank of Mattress," which is much safer than your ordinary bank

Reply
Share
  • 0
  • 0

.......much safer than your ordinary bank..........
What arrant nonsense. Where do you want me to start? No security, no yield, loss to inflation. The bank of mattress is probably the worst of all options. Ever heard of diversification?

Reply
Share
  • 0
  • 1

The bank of mattress would still be better than buying gold. As gold doesn't pay interest and still has the same security problems.

Reply
Share
  • 0
  • 0

Thanks for your reply Anonymous. Yes, I have heard of diversification and support it. Being a superannuitant I do not, as you can imagine, live "high on the hog" and so do not have a lot with which to "diversify." Your points about "no yield" and "loss to inflation" I agree are valid but I strongly disagree with your "no security" point. Whatever is in the Bank of Matress cannot be stolen by the RBNZ when it implements its OBR. Time will tell, you saves your money (wherever) and you takes your chance.

Reply
Share
  • 0
  • 0

CBA is just a name so whilst punishment for the entity is appropriate it fails to effectively punish or deter those involved in such decisions. The answer must be punishing/deterring those responsible for the decisions and take into account their failure to heed advice or at least mitigate effects, loss of income by way of demotion or fine is ok for low level personnel or failures but failure at Governance level needs to be adequate, perhaps disqualification from holding directorships for 5 years or less according to the severity of impact.

Reply
Share
  • 0
  • 0

Spot on Rumpole m'lord. I'd much rather see no cash fine for the company but name. shame, and much more for those individuals involved from the operational staff right up to the 'sign off' managers and directors. As others both NBR and in Oz have observed this will only hurt customers, shareholders, and the super funds holding CBA stock.

Reply
Share
  • 0
  • 0

What a joke! $700mil is the equivalent of 26 days profit for CBA.....hardly a drop in the ocean. No friend of Mal's was ever going to be held responsible. The customers will just keep getting rorted even harder

Reply
Share
  • 0
  • 0

Remembering that customers can vote with their feet, or the click of a mouse to change banks.

Ive just give Westpac their matching orders for not advising me they changed by incentive saver to an ordinary saver, saving themselves 1.5% in interest payments.

In my view, the shareholders will be feeling this fine; rather than the customers. There's a big revolt happening with banksters, and customers have had another. Switch to a local community owner bank, so if you are getting rorted, to can eye ball the people who are responsible.

Reply
Share
  • 0
  • 0

Post New comment or question

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.